Register Online Now
IMPORTANT: Please kindly take note that we do not take cash, our banking details and references are provided on our website. Thank you kindly for choosing us as your preferred training provider of choice.

COBIT 5 Foundation & NIST Cybersecurity Framework

COBIT 5 Foundation & NIST Cybersecurity Framework
Course Description Overview

Course Specifications

The use of these materials assumes delivery by a properly accredited trainer through an appropriately certified training organization.  

Course Number:


Course Length:

5 days

Course Description Overview:

This 5 day COBIT 5 Foundation and Implementing NIST Cybersecurity Framework using COBIT® 5 course, builds from the foundation level of COBIT, what it is and what it does, to preparing candidates to manage cybersecurity in a controlled and structured way using the NIST Cybersecurity Framework. The second part of the course is based on the ISACA Guide, ‘Implementing NIST Cybersecurity Framework Using COBIT 5’, which provides guidance in the implementation of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) through a seven-step process, aligned with COBIT5 principles. The purpose of this course and qualification is to provide and measure a candidate’s knowledge and understanding of the CSF, its goals, the implementation steps, and the ability to apply this information.

Course Objectives:

This COBIT 5 Foundation course is designed as an introduction to COBIT 5 and enables you to understand how an integrated business framework for the governance and management of enterprise IT can be utilised to achieve IT business integration, cost reductions and increased productivity. The syllabus areas that this course is designed to cover are:

· How IT management issues are affecting organisations

· The need for an effective framework to govern and manage enterprise IT

· How COBIT meets the requirement for an IT governance framework

· How COBIT is used with other standards and best practices

· The functions that COBIT provides and the benefits of using COBIT

· The COBIT Framework and all the components of COBIT

· How to apply COBIT in a practical situation

· COBIT®5 Cyber Security Introduction

· Cybersecurity Challenges

· Step 1: Prioritise and Scope

· Steps 2 and 3: Orient and Create a Current Profile

· Step 4 and Step 5: Conduct a Risk Assessment and Create a Target Profile

· Step 6: Determine, Analyse, and Prioritise Gaps

· Step 7: Implement Action Plan

· CSF Action Plan Review and CSF Life Cycle Management

Target Student:

Although there is no mandatory requirement, ideally candidates should have at least two years professional experience working in IT and an understanding of the COBIT 5 framework. The COBIT 5 NIST Cybersecurity Framework would suit candidates working in the following professions or areas:

· Senior Project Officers

· Project & Program Coordinator/Managers

· IT Security Managers

· Operations Managers

· Business Analysts

· Engineering Managers

· IT Infrastructure Managers

· Internal Consultants

· Professional Consultants


The above list is a suggestion only; individuals may wish to attend based on their own career aspirations, personal goals or objectives. Delegates may take as few or as many Intermediate qualifications as they require, and to suit their needs.



Course-specific Technical Requirements Hardware:


Course-specific Technical Requirements Software:
Course Content:

Lesson 1: COBIT 5 Overview and Key Features


· What is COBIT 5?

· COBIT 5 Scope

· History of COBIT 5

· The Drivers for COBIT 5

· Mapping COBIT 5 with other frameworks

· Mapping COBIT 5 in a business

· Introduction to the Cybersecurity Framework


Lesson 2: The Five COBIT 5 Principles


· Meeting Stakeholders Needs

· The Goals Cascade

· Covering an Enterprise Endo-to-end

· Single Integrated Framework

· Enabling a Holistic Approach

· Separating Governance from Management


Lesson 3: The Seven COBIT 5 Enablers


· COBIT 5 Enabler Dimensions

· Enabler 1 – Principles, Policy and Frameworks

· Enabler 2 – Processes

· Enabler 3 – Organisational Structures

· Enabler 4 – Culture, Ethics and Behaviour

· Enabler 5 – Information

· Enabler 6 – Services, Infrastructure and Applications

· Enabler 7 – People, Skills and Competencies


Lesson 4: COBIT Implementation


· Challenges to Success

· Key Success Factors

· COBIT 5 Lifecycle Approach

· COBIT 5 Implementation Lifecycle

· Phase 1 – What are the Drivers?

· Phase 2 – Where are we Now?

· Phase 3 – Where do we want to be?

· Phase 4 – What Needs to be Done?

· Phase 5 – How do we get there?

· Phase 6 – Did we get there?

· Phase 7 – How to Keep Momentum

· Business Case


Lesson 5: The COBIT 5 Process Capability Model


· What is a Process Assessment

· What is the COBIT Assessment Programme

· The Differences between a Capability and Maturity Assessment

· Overview of the COBIT 5 Capability Model & Assessments

· The Process Reference Model (PRM)

· The Process Assessment Model (PAM)

· The Measurement Framework


Lesson 6: Critical Security Framework Structure


· Three components of the Cybersecurity Framework (CSF)

· CSF 7 Implementation Steps

· Alignment with COBIT 5 Principles/ Phases

· Framework implementation Flow

· The CSF Core

· The Five Core Functions

· CSF Tiers and Tier Categories

· Four CSF Tiers

· CSF Framework Profiles


Lesson 7: Phase One – What are the drivers?


· Purpose of Phase One

· Phase One Inputs and Outputs

· Phase One Activities

· Develop an Enterprise Architecture Vision

· Determine Scope

· Identify the Risk Architecture

· Step One – Relationship to COBIT 5


Lesson 8: Phase Two – Where are we now?


· Purpose of Phase Two

· Phase Two Inputs and Outputs

· Phase Two Activities

· Tier Selection

· Assets

· Threats and Vulnerabilities

· Current State Profile

· Achievement of an Outcome

· Process Capability Levels

· Attribute Rating Scale


Lesson 9: Phase Three – Where do we want to be?


· Purpose of Phase Three

· Phase Three Inputs and Outputs

· Phase Three Activities

· Risk Assessment

· Target State Profile

· Goals for the Risk Assessment


Lesson 10: Phase Four – What needs to be done?


· Purpose of Phase Four

· Phase Four Inputs and Outputs

· Phase Four Activities

· Gap Assessment

· The Action Plan/ Considerations when Action Planning


Lesson 11: Phase Five – How do we get there?


· Purpose of Phase Five

· Phase Five Inputs and Outputs

· Phase Five Activities

· COBIT 5 Implementation Guide

· Stakeholder Communication

· Action Plan Delivery


Lesson 12: Phase Six – Did we get there


· Purpose of Phase Six

· Phase Six Inputs and Outputs

· Phase Six Activities


Lesson 13: Phase Seven – How to keep the momentum going


· Purpose of Phase Seven

· Phase Seven Inputs and Outputs

· Phase Seven Activities

Register Now
Certification reference (where applicable)